CVE-2024-7251

CWE-593 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 68.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Comodo Internet Security PROComodo Internet Security
Timeline
PublishedJul 29
Latest updateJul 30

Description

Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cmdagent executable. By creating a symbolic link, an attacker can abuse the agent to create a file. An attacke

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDcomodo/internet_security12.2.4.8032
CVEListV5comodo/internet_security_pro12.2.4.8032

🔴Vulnerability Details

2
GHSA
GHSA-w2wr-58mm-r5ph: Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability2024-07-30
CVEList
Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability2024-07-29
CVE-2024-7251 (HIGH CVSS 7.8) | Comodo Internet Security Pro cmdage | cvebase.io